feat(config): refactor YAML files and add new object store configuration

flux/clusters/dev-cm/infra-data/post-1/cnpg17-cluster-hk.yaml

@@ -18,20 +18,6 @@ spec:
       value: when_required
     - name: AWS_RESPONSE_CHECKSUM_VALIDATION
       value: when_required
-  # >>> RECOVERY: 迁移完成后删除 bootstrap + externalClusters 段 <<<
-  bootstrap:
-    recovery:
-      source: recovery-source-hk
-      recoveryTarget:
-        targetTime: "2026-04-21 00:00:01.000000+00"
-  externalClusters:
-    - name: recovery-source-hk
-      plugin:
-        name: barman-cloud.cloudnative-pg.io
-        parameters:
-          barmanObjectName: cnpg17-objectstore-hw
-          serverName: cnpg17-cluster-hk-a
-  # <<< END RECOVERY >>>
   plugins:
     - name: barman-cloud.cloudnative-pg.io
       isWALArchiver: true

flux/clusters/dev-cm/infra-data/post-1/cnpg17-cluster-sh.yaml

@@ -18,20 +18,6 @@ spec:
       value: when_required
     - name: AWS_RESPONSE_CHECKSUM_VALIDATION
       value: when_required
-  # >>> RECOVERY: 迁移完成后删除 bootstrap + externalClusters 段 <<<
-  bootstrap:
-    recovery:
-      source: recovery-source-sh
-      recoveryTarget:
-        targetTime: "2026-04-21 00:00:01.000000+00"
-  externalClusters:
-    - name: recovery-source-sh
-      plugin:
-        name: barman-cloud.cloudnative-pg.io
-        parameters:
-          barmanObjectName: cnpg17-objectstore-hw
-          serverName: cnpg17-cluster-sh-a
-  # <<< END RECOVERY >>>
   plugins:
     - name: barman-cloud.cloudnative-pg.io
       isWALArchiver: true

flux/clusters/dev-cm/infra-data/post-1/cnpg17-objectstore-hw.yaml

@@ -0,0 +1,20 @@
+apiVersion: barmancloud.cnpg.io/v1
+kind: ObjectStore
+metadata:
+  name: cnpg17-objectstore-hw
+  namespace: infra-data
+spec:
+  retentionPolicy: "7d"
+  configuration:
+    destinationPath: s3://devcm/cnpg/
+    endpointURL: https://obs.cn-east-3.myhuaweicloud.com
+    s3Credentials:
+      accessKeyId:
+        name: s3-devcm-hw
+        key: ACCESS_KEY_ID
+      secretAccessKey:
+        name: s3-devcm-hw
+        key: ACCESS_SECRET_KEY
+    wal:
+      compression: gzip
+      maxParallel: 8

flux/clusters/dev-cm/infra-data/post-1/kustomization.yaml

@@ -1,7 +1,7 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../../infrastructure/infra-data/post-1/cnpg17-objectstore-hw.yaml
+  - cnpg17-objectstore-hw.yaml
   - cnpg17-cluster-hk.yaml
   - cnpg17-cluster-sh.yaml
   - databases.yaml

flux/clusters/dev-cm/infra-data/post-1/patch.yaml

@@ -3,7 +3,7 @@ kind: Kustomization
 metadata:
   name: infra-data-post-1
 spec:
-  path: ./flux/clusters/dev-cm/infra-data-post-1
+  path: ./flux/clusters/dev-cm/infra-data/post-1
   patches:
     - target:
         kind: Cluster

flux/clusters/dev-cm/infra-data/post-2/patch.yaml

@@ -3,4 +3,4 @@ kind: Kustomization
 metadata:
   name: infra-data-post-2
 spec:
-  path: ./flux/clusters/dev-cm/infra-data-post-2
+  path: ./flux/clusters/dev-cm/infra-data/post-2

flux/clusters/dev-cm/kustomization.yaml

@@ -6,11 +6,11 @@ patches:
   - target:
       kind: Kustomization
       name: kube-system
-    path: patches/kube-system.yaml
+    path: kube-system.yaml
   - target:
       kind: Kustomization
       name: infra-devops
-    path: patches/infra-devops.yaml
+    path: infra-devops.yaml
   - target:
       kind: Kustomization
       name: infra-data
@@ -18,32 +18,32 @@ patches:
   - target:
       kind: Kustomization
       name: infra-data-post-1
-    path: infra-data-post-1/patch.yaml
+    path: infra-data/post-1/patch.yaml
   - target:
       kind: Kustomization
       name: infra-data-post-2
-    path: infra-data-post-2/patch.yaml
+    path: infra-data/post-2/patch.yaml
   - target:
       kind: Kustomization
       name: infra-net
-    path: patches/infra-net.yaml
+    path: infra-net.yaml
   - target:
       kind: Kustomization
       name: infra-monitor
-    path: patches/infra-monitor.yaml
+    path: infra-monitor.yaml
   - target:
       kind: Kustomization
       name: infra-monitor-post
-    path: patches/infra-monitor-post.yaml
+    path: infra-monitor-post.yaml
   - target:
       kind: Kustomization
       name: infra-gitops
-    path: patches/infra-gitops.yaml
+    path: infra-gitops.yaml
   - target:
       kind: Kustomization
       name: infra-gitops-post
-    path: patches/infra-gitops-post.yaml
+    path: infra-gitops-post.yaml
   - target:
       kind: Kustomization
       name: apps
-    path: patches/apps.yaml
+    path: apps.yaml

flux/infrastructure/sources/helm-repositories.yaml

@@ -6,6 +6,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://charts.jetstack.io
 ---
 # cert-manager-webhook-dnspod (OCI)
@@ -16,6 +17,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://imroc.github.io/cert-manager-webhook-dnspod
 ---
 # reflector
@@ -26,6 +28,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://emberstack.github.io/helm-charts
 ---
 # velero
@@ -36,6 +39,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://vmware-tanzu.github.io/helm-charts
 ---
 # cloudnative-pg, plugin-barman-cloud
@@ -46,6 +50,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://cloudnative-pg.github.io/charts
 ---
 # valkey-cluster (OCI)
@@ -56,6 +61,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   type: oci
   url: oci://docker.m.daocloud.io/bitnamicharts
 ---
@@ -67,6 +73,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://kubernetes.github.io/ingress-nginx
 ---
 # crowdsec
@@ -77,6 +84,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://crowdsecurity.github.io/helm-charts
 ---
 # tailscale-derp, rustdesk-server
@@ -87,6 +95,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://devcm-repo.github.io/helm-charts
 ---
 # loki, promtail
@@ -97,6 +106,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://grafana.github.io/helm-charts
 ---
 # kube-prometheus-stack
@@ -107,6 +117,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://prometheus-community.github.io/helm-charts
 ---
 # gitea, gitea-actions
@@ -117,6 +128,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://dl.gitea.com/charts
 ---
 # whoami
@@ -127,6 +139,7 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://cowboysysop.github.io/charts/
 ---
 # halo
@@ -137,4 +150,5 @@ metadata:
   namespace: infra-gitops
 spec:
   interval: 168h
+  timeout: 5m
   url: https://halo-sigs.github.io/charts/